Virtual smart card to perform security-critical operations

US 9,009,817 B1
Filed: 03/12/2013
Issued: 04/14/2015
Est. Priority Date: 03/12/2013
Status: Active Grant

First Claim

Patent Images

1. A method of enabling a virtual smart card, the method comprising:

prompting the user for a unique identifier;

receiving the unique identifier based on user input;

initializing the virtual smart card in response to the received unique identifier;

reading data associated with the unique identifier via a reader device, wherein the data comprises a key stream of digital data bits associated with the unique identifier;

identifying a user'"'"'s smart card base address from a first portion of the digital data bits of the key stream; and

authenticating a user based on received unique identifier and results of the read data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A portable data or information carrier in the form of a smart card with partially or fully virtualized components. To maximize the confidentiality of information stored in the carrier, and more specifically to limit the amount of information available to a potential defrauder, electronic components such as circuits, I/O, cryptographic, memory and dummy objects are built, modified or influenced on demand from physical characteristics of an eligible person or device. Digitized unique biometric or hardware identifiers are read upon start-up and runtime of the device and, in case of an eligible person or device, subsequently supply all values necessary for determination of the characteristics of the user specific virtual smart cards objects, their placement and connections. By multi-factor authentication, the end-user or device will retain sole control of its keys and use them for authentication, signature or encryption purposes as if he had a physical smart card in his hand.

30 Citations

View as Search Results

20 Claims

1. A method of enabling a virtual smart card, the method comprising:
- prompting the user for a unique identifier;
  
  receiving the unique identifier based on user input;
  
  initializing the virtual smart card in response to the received unique identifier;
  
  reading data associated with the unique identifier via a reader device, wherein the data comprises a key stream of digital data bits associated with the unique identifier;
  
  identifying a user'"'"'s smart card base address from a first portion of the digital data bits of the key stream; and
  
  authenticating a user based on received unique identifier and results of the read data.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the unique identifier comprises digital biometric data.
  - 3. The method of claim 2, wherein the digital biometric data is part of the key stream and is associated with a digitized fingerprint.
  - 4. The method of claim 3, wherein the reader device uses its own clock cycles to compute a defined part of the key stream of the digitized fingerprint.
  - 5. The method of claim 4, wherein subsequent portion of bits of the key stream are offsets of corresponding objects.
  - 6. The method of claim 1, further comprising:
    - loading a secret 48-bit key into a shift register; and
      
      shifting a string into a state that the received unique identifier matches an identifier of a corresponding tag.
  - 7. The method of claim 6, further comprising:
    - generating a random number; and
      
      sending the random number to the reader device and proving that the tag and reader have knowledge of the secret 48-bit key.

8. An apparatus configured to enable a virtual smart card, the apparatus comprising:
- a transmitter configured to transmit a prompt to the user for a unique identifier;
  
  a receiver configured to receive the unique identifier based on user input; and
  
  a processor configured toinitialize the virtual smart card in response to the received unique identifier, read data associated with the unique identifier via a reader device, wherein the data comprises a key stream of digital data bits associated with the unique identifier;
  
  identify a user'"'"'s smart card base address from a first portion of the digital data bits of the key stream; and
  
  authenticate a user based on received unique identifier and results of the read data.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The apparatus of claim 8, wherein the unique identifier comprises digital biometric data.
  - 10. The apparatus of claim 9, wherein the digital biometric data is part of the key stream and is associated with a digitized fingerprint.
  - 11. The apparatus of claim 10, wherein the reader device uses its own clock cycles to compute a defined part of the key stream of the digitized fingerprint.
  - 12. The apparatus of claim 11, wherein a subsequent portion of bits of the key stream are offsets of corresponding objects.
  - 13. The apparatus of claim 8, wherein the processor is further configured to load a secret 48-bit key into a shift register, and shift a string into a state that the received unique identifier matches an identifier of a corresponding tag.

14. A non-transitory computer readable storage medium configured to store instructions that when executed cause a processor to enable a virtual smart card, the processor being configured to perform:
- prompting the user for a unique identifier;
  
  receiving the unique identifier based on user input;
  
  initializing the virtual smart card in response to the received unique identifier;
  
  reading data associated with the unique identifier via a reader device, wherein the data comprises a key stream of digital data bits associated with the unique identifier;
  
  identifying a user'"'"'s smart card base address from a portion of the digital data bits of the key stream; and
  
  authenticating a user based on received unique identifier and results of the read data.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The non-transitory computer readable storage medium of claim 14, wherein the unique identifier comprises digital biometric data.
  - 16. The non-transitory computer readable storage medium of claim 15, wherein the digital biometric data is part of the key stream and is associated with a digitized fingerprint.
  - 17. The non-transitory computer readable storage medium of claim 16, wherein the reader device uses its own clock cycles to compute a defined part of the key stream of the digitized fingerprint.
  - 18. The non-transitory computer readable storage medium of claim 17, wherein subsequent bits of the key stream are offsets of corresponding objects.
  - 19. The non-transitory computer readable storage medium of claim 14, further comprising:
    - loading a secret 48-bit key into a shift register; and
      
      shifting a string into a state that the received unique identifier matches an identifier of a corresponding tag.
  - 20. The non-transitory computer readable storage medium of claim 19, further comprising:
    - generating a random number; and
      
      sending the random number to the reader device and proving that the tag and reader have knowledge of the secret 48-bit key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Open Invention Network LLC
Original Assignee
Open Invention Network LLC
Inventors
Wieland, Martin
Primary Examiner(s)
REVAK, CHRISTOPHER A

Application Number

US13/796,834
Time in Patent Office

763 Days
Field of Search

None
US Class Current

726/19
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/34   involving the use of extern...

G06F 21/72   in cryptographic circuits

G06F 21/77   in smart cards

H04L 63/0442   wherein the sending and rec...

H04L 63/0823   using certificates cryptogr...

H04L 63/0853   using an additional device,...

H04L 63/0861   using biometrical features,...

H04L 9/0861   Generation of secret inform...

H04W 12/06   Authentication

H04W 12/35   Protecting application or s...

Virtual smart card to perform security-critical operations

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

30 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Virtual smart card to perform security-critical operations

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

30 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links